我需要向外部服务器发送 https 帖子。最好先验证外部对等方,然后再在单独的请求中发送发布数据吗?或者要求验证对等点并在同一请求中发送发布数据是否可以?如果有帮助,我正在使用 pycurl。感谢您的帮助。
最佳答案
来自 CURL 文档:
When CURLOPT_SSL_VERIFYPEER is nonzero, and the verification fails to prove that the certificate is authentic, the connection fails. When the option is zero, the peer certificate verification succeeds regardless.
SSL 协商阶段发生在发送任何数据之前,因此如果外部对等方无法验证,则连接将在发送任何数据之前失败。作为一个请求完成所有操作应该没问题。
SSL -- Negotiation Phase http://www.ietf.org/proceedings/32/sec/cat.elgamal.slides.html
- The client initiates the session
- The server responds and sends its certificate
- The client generates the master key and sends it encrypted using the server's public key
- Requires a server certificate but does not require a client certificate
- Requires a certain level of trust in the server's certificate
- Optional client certificate can be used to authenticate the client to the server
关于ssl - 验证对等点与发送 https post 分开,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/5130266/